FireTail logo FireTail logo
Platform Documentation
SaaS platform docs
API Documentation
REST API reference
Release Notes
Changelog & releases
Go to App
Region
    • Welcome to FireTail's Documentation Hub
    • Product overview
    • Setup guide
    • Glossary
    • Dashboard overview
    • API risk dashboard
    • API traffic dashboard
    • AI dashboard
    • Dashboard filters
    • Tag reference guide
    • AI filters
        • Findings overview
        • FireTail's AI Findings
          • Adversarial suffix vulnerability
          • ANSI vulnerability
          • Attack generation vulnerability
          • Block list bypass vulnerability
          • Continuation vulnerability
          • DAN jailbreak vulnerability
          • Do-Not-Answer vulnerability
          • Glitch token vulnerability
          • Goodside vulnerability
          • Grandma vulnerability
          • Latent injection vulnerability
          • Malware generation vulnerability
          • Misleading claims vulerability
          • Modal jailbreak vulnerability
          • No output scanning
          • Package hallucination vulnerability
          • Phrasing vulnerability
          • Prompt encoding vulnerability
          • Prompt injection vulnerability
          • Prone to harmful content
          • Prone to toxic content generation
          • Repeat-reply vulnerability
          • Replay vulnerability
          • Snowball vulnerability
          • TAP jailbreak vulnerability
          • XSS attack vulnerability
          • AI Input Tokens Elevated
          • AI Input Tokens Reduced
          • AI Latency Elevated
          • AI Latency Reduced
          • AI Majority Stop Reason
          • AI Output Tokens Elevated
          • AI Output Tokens Reduced
          • AI Total Tokens Elevated
          • AI Total Tokens Reduced
          • AWS Secrets Found in AI Logs
          • Base64-encoded content detected in AI logs
          • Facebook Secrets Found in AI Logs
          • GitLab Secrets Found in AI Logs
          • Google Secrets Found in AI Logs
          • Mailgun Secrets Found in AI Logs
          • Multilingual content detected in AI logs
          • PayPal Secrets Found in AI Logs
          • PII Detected in AI Logs
          • SendGrid Secrets Found in AI Logs
          • Slack Secrets Found in AI Logs
          • Stripe Secrets Found in AI Logs
          • Twilio Secrets Found in AI Logs
        • Resource Policies overview
        • Create a resource policy
        • Alerting overview
        • Create an anomaly alert
        • Comparison of static and anomaly alerts
        • Delete an alert
        • Static alert
        • Alert examples
        • Actions
        • Event driven actions
        • Scheduled actions
        • Managed actions
        • Actions history
        • Actions quotas
    • Inventory
      • Cloud logs
      • FireTail AI Monitor browser extension
        • API Findings overview
        • FireTail's API Findings
          • Accepted negative data
          • Alias Overloading
          • Array-based Query Batching
          • CVE Detected
          • Data exposure detected
          • Default Login Detected
          • Directive Overloading
          • Field Duplication
          • Field Suggestions
          • Get Method Query Support
          • GraphQL client error
          • GraphQL IDE
          • GraphQL server error
          • Introspection is enabled
          • Introspection-based Circular Query
          • JSON deserialization error
          • Malformed media type
          • Missing Content-Type header
          • Missing required headers
          • Mutation over GET
          • POST based url-encoded query (possible CSRF)
          • Response time limit exceeded
          • Response timeout
          • Response violates schema
          • Server error
          • Tracing enabled
          • Undocumented Content-Type
          • Undocumented HTTP status code
          • Unexpected GraphQL Response
          • Unhandled Errors in GraphQL Endpoint
          • Use after free
          • Access logging should be configured for API Gateway V2 Stages
          • API Gateway access logging is not configured for FireTail
          • API Gateway REST and WebSocket API execution logging should be enabled
          • API Gateway Stage missing WAF
          • AppSync field-level logging is not enabled
          • AppSync GraphQL API authentication using API keys
          • AppSync Graphql API is missing WAF
          • AppSync GraphQL API query depth limit high
          • AppSync GraphQL API query depth limit not set
          • AppSync GraphQL API resolver count limit high
          • AppSync GraphQL API resolver count limit not set
          • AppSync introspection endpoint enabled
          • AppSync logging is not enabled
          • AWS ALB has insecure desync mitigation mode
          • AWS ALB has WAF set to fail open
          • AWS ALB is missing WAF
          • AWS ALB listeners should be configured with a strong security policy
          • AWS ALB listeners should use HTTPS or TLS termination
          • AWS ALB logging is not enabled
          • AWS ALB not configured to drop invalid HTTP headers
          • AWS ALB should redirect HTTP to HTTPS
          • AWS Load Balancer missing deletion protection
          • Average Combined Header Size Elevated
          • Average Combined Header Size Reduced
          • Average Combined Payload Size Elevated
          • Average Combined Payload Size Reduced
          • Average Execution Time Elevated
          • Average Execution Time Reduced
          • Average Request Header Size Elevated
          • Average Request Header Size Reduced
          • Average Request Payload Size Elevated
          • Average Request Payload Size Reduced
          • Average Response Header Size Elevated
          • Average Response Header Size Reduced
          • Average Response Payload Size Elevated
          • Average Response Payload Size Reduced
          • AWS secrets found in logs
          • Basic Authentication found in logs
          • Facebook secrets found in logs
          • Fuzzing Successful
          • GitLab secrets found in logs
          • Google secrets found in logs
          • GraphQL injection found in logs
          • Mailgun secrets found in logs
          • Majority Response Status Codes 1XX
          • Majority Response Status Codes 3XX
          • Majority Response Status Codes 4XX
          • Majority Response Status Codes 5XX
          • Malicious activity found in logs
          • Paypal secrets found in logs
          • PHP injection found in logs
          • PII detected in logs
          • SendGrid secrets found in logs
          • Slack secrets found in logs
          • SQL Injection found in logs
          • SSL Vulnerabilities Detected
          • Stripe secrets found in logs
          • Suspicious activity found in logs
          • Twilio secrets found in logs
          • Vulnerabilities Detected
          • XSS attempt found in logs
          • API key in query string
          • API key in URL
          • Authentication removed
          • AWS API Gateway not private
          • Basic HTTP auth
          • Circular references
          • Credentials in URL
          • Index creation failed
          • Insecure auth scheme
          • Insecure host (OAS2)
          • Insecure host (OAS3)
          • Legacy integer limit
          • Missing 401 response
          • Missing 429 response
          • Missing 4xx response
          • Missing 500 response
          • Missing additional properties
          • Missing array limit
          • Missing authentication
          • Missing global security
          • Missing global security
          • Missing rate limit headers
          • Missing retry header
          • Non-standard JSON Web Token
          • Numeric ID
          • Plaintext alternative authentication
          • Plaintext API key
          • Plaintext Basic Authentication
          • Plaintext Bearer Token
          • Plaintext Digest Authentication
          • Plaintext negotiated authentication
          • Plaintext unknown authentication
          • Schema build failure
          • Unconstrained additional properties
          • Undefined integer format
          • Undefined integer limit
          • Undefined string limit
          • Unresolvable references
          • Unrestricted string
        • Resource Policies overview
        • Create a resource policy
        • Alerting overview
        • API static alert
        • Create an anomaly alert
        • Comparison of static and anomaly alerts
        • Managed API alerts
        • Delete an alert
        • Update an API static alert
        • Update an API anomaly alert
        • API actions
        • API event driven actions
        • API scheduled actions
        • API managed actions
        • Custom action integration example
        • Actions history
        • Actions quotas
      • API inventory overview
      • Create an API
      • Delete an API
      • Modify an API
      • Create an API token
      • Delete an API token
      • API risk scoring
        • Specifications overview
        • Upload a specification
        • Generate a specification
        • Upload a new version of a specification
        • Delete a specification
    • API Logging
    • Create an auth provider
      • Create a new organization
        • Add a member to an organization
        • Roles and permissions
        • Change member role
        • Delete member
        • Reset password
        • Reset two-factor authentication
      • Understanding quotas in FireTail
      • Subscriptions and billing
      • Create a project
      • Modify a project
      • Delete a project
      • Create a project token
      • Delete a project token
      • Events overview
      • Event codes
      • OWASP Top 10 report
      • Findings report
      • Mitre CWE Top 25 report
      • CIS API Security Guide report
      • Mitre techniques report
      • Mitre tactics report
      • Platform usage report
      • AWS Bedrock AI resources report
      • OpenAI resources report
      • GitHub AI resource scanning service report
      • GitLab AI resource scanning service report
      • Azure AI service report
      • Azure OpenAI service resources report
      • Integrations overview
      • Dynamic variables
      • Integrations permissions requirements
      • Delete an integration
        • AWS inventory scanning (single account)
        • AWS inventory scanning (multi-account)
        • Update FireTail scanning role in AWS inventory scanning
        • Azure inventory scanning
        • Google Cloud inventory scanning
        • Wiz integration setup
        • GitHub integration for API & AI discovery
        • GitLab integration for API & AI discovery
        • Bitbucket Cloud repo scanning for API & AI discovery
        • Azure DevOps repo scanning for API & AI discovery
        • AWS Bedrock invoke
        • OpenAI discovery
        • Google Cloud API Gateway logging
        • AWS API Gateway logging with AWS Lambda
        • AWS Bedrock logging with AWS Lambda
        • AWS API Gateway logging with Kinesis FireHose
        • AppSync Lambda logging
        • Lambda extension
        • AWS Application Load Balancer logging
        • Azure API Management service logging
        • Fastly logging
        • Set up a Slack integration
        • Set up a Microsoft Teams integration
        • Set up a Lambda notification integration
        • Set up a Jira integration
        • Set up an HTTP Webhook integration
        • AWS WAFv2 IP Set
        • Set up a Splunk integration
        • Set up a PagerDuty integration
        • Set up an email integration
        • Set up a ServiceNow integration
        • Set up an SMTP Email notification
        • Customize notification integrations
        • Notification history
        • Code library overview
        • Python library
        • Go library
        • FireTail Node JS library
        • Ruby library
        • GitHub actions
        • NGINX module
        • APISIX integration
        • KrakenD plugin
        • Rust library
        • Kubernetes sensor
        • Introduction
        • Quickstart
        • Command-line interface
        • Routing
        • Request handling
        • Response handling
        • Security
        • FireTail cookbook
        • Exception handling
    • Programmatic Access Setup
      • How do I create an account?
      • How do I log in to the platform?
      • How do I reset my password?
      • Why create an organization?
      • How do I delete a member?
      • What are the differences between the subscription plans?
      • How do I switch my subscription plan?
      • How do I change my payment details?
      • How do I scan my AWS account for APIs?
      • Do you have any integrations with Azure?
      • Can I set up an on premise installation?
      • How do I view and analyze AI logs?
      • How can I check my usage quotas?
      • How long is traffic data stored?
      • How do I download information from the FireTail platform?
      • What is the significance of token usage in AI services?
      • What is the difference between an AI system prompt and a user prompt?
      • What does FireTail consider an API?
      • What's the difference between a finding and an alert?
      • What happens when a finding is fixed?

Subscription & Billing

Updated: November 4, 2025

Need help?

Contact FireTail support